92e68cc558
When Linux runs as an Isolated VM on Hyper-V, it supports AMD SEV-SNP but it's partially enlightened, i.e. cc_platform_has( CC_ATTR_GUEST_MEM_ENCRYPT) is true but sev_active() is false. Commit4d96f91091
per se is good, but with it now kvm_setup_vsyscall_timeinfo() -> kvmclock_init_mem() calls set_memory_decrypted(), and later gets stuck when trying to zere out the pages pointed by 'hvclock_mem', if Linux runs as an Isolated VM on Hyper-V. The cause is that here now the Linux VM should no longer access the original guest physical addrss (GPA); instead the VM should do memremap() and access the original GPA + ms_hyperv.shared_gpa_boundary: see the example code in drivers/hv/connection.c: vmbus_connect() or drivers/hv/ring_buffer.c: hv_ringbuffer_init(). If the VM tries to access the original GPA, it keepts getting injected a fault by Hyper-V and gets stuck there. Here the issue happens only when the VM has >=65 vCPUs, because the global static array hv_clock_boot[] can hold 64 "struct pvclock_vsyscall_time_info" (the sizeof of the struct is 64 bytes), so kvmclock_init_mem() only allocates memory in the case of vCPUs > 64. Since the 'hvclock_mem' pages are only useful when the kvm clock is supported by the underlying hypervisor, fix the issue by returning early when Linux VM runs on Hyper-V, which doesn't support kvm clock. Fixes:4d96f91091
("x86/sev: Replace occurrences of sev_active() with cc_platform_has()") Tested-by: Andrea Parri (Microsoft) <parri.andrea@gmail.com> Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@gmail.com> Signed-off-by: Dexuan Cui <decui@microsoft.com> Message-Id: <20220225084600.17817-1-decui@microsoft.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
346 lines
8.5 KiB
C
346 lines
8.5 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/* KVM paravirtual clock driver. A clocksource implementation
|
|
Copyright (C) 2008 Glauber de Oliveira Costa, Red Hat Inc.
|
|
*/
|
|
|
|
#include <linux/clocksource.h>
|
|
#include <linux/kvm_para.h>
|
|
#include <asm/pvclock.h>
|
|
#include <asm/msr.h>
|
|
#include <asm/apic.h>
|
|
#include <linux/percpu.h>
|
|
#include <linux/hardirq.h>
|
|
#include <linux/cpuhotplug.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/sched/clock.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/set_memory.h>
|
|
#include <linux/cc_platform.h>
|
|
|
|
#include <asm/hypervisor.h>
|
|
#include <asm/x86_init.h>
|
|
#include <asm/kvmclock.h>
|
|
|
|
static int kvmclock __initdata = 1;
|
|
static int kvmclock_vsyscall __initdata = 1;
|
|
static int msr_kvm_system_time __ro_after_init = MSR_KVM_SYSTEM_TIME;
|
|
static int msr_kvm_wall_clock __ro_after_init = MSR_KVM_WALL_CLOCK;
|
|
static u64 kvm_sched_clock_offset __ro_after_init;
|
|
|
|
static int __init parse_no_kvmclock(char *arg)
|
|
{
|
|
kvmclock = 0;
|
|
return 0;
|
|
}
|
|
early_param("no-kvmclock", parse_no_kvmclock);
|
|
|
|
static int __init parse_no_kvmclock_vsyscall(char *arg)
|
|
{
|
|
kvmclock_vsyscall = 0;
|
|
return 0;
|
|
}
|
|
early_param("no-kvmclock-vsyscall", parse_no_kvmclock_vsyscall);
|
|
|
|
/* Aligned to page sizes to match whats mapped via vsyscalls to userspace */
|
|
#define HVC_BOOT_ARRAY_SIZE \
|
|
(PAGE_SIZE / sizeof(struct pvclock_vsyscall_time_info))
|
|
|
|
static struct pvclock_vsyscall_time_info
|
|
hv_clock_boot[HVC_BOOT_ARRAY_SIZE] __bss_decrypted __aligned(PAGE_SIZE);
|
|
static struct pvclock_wall_clock wall_clock __bss_decrypted;
|
|
static struct pvclock_vsyscall_time_info *hvclock_mem;
|
|
DEFINE_PER_CPU(struct pvclock_vsyscall_time_info *, hv_clock_per_cpu);
|
|
EXPORT_PER_CPU_SYMBOL_GPL(hv_clock_per_cpu);
|
|
|
|
/*
|
|
* The wallclock is the time of day when we booted. Since then, some time may
|
|
* have elapsed since the hypervisor wrote the data. So we try to account for
|
|
* that with system time
|
|
*/
|
|
static void kvm_get_wallclock(struct timespec64 *now)
|
|
{
|
|
wrmsrl(msr_kvm_wall_clock, slow_virt_to_phys(&wall_clock));
|
|
preempt_disable();
|
|
pvclock_read_wallclock(&wall_clock, this_cpu_pvti(), now);
|
|
preempt_enable();
|
|
}
|
|
|
|
static int kvm_set_wallclock(const struct timespec64 *now)
|
|
{
|
|
return -ENODEV;
|
|
}
|
|
|
|
static u64 kvm_clock_read(void)
|
|
{
|
|
u64 ret;
|
|
|
|
preempt_disable_notrace();
|
|
ret = pvclock_clocksource_read(this_cpu_pvti());
|
|
preempt_enable_notrace();
|
|
return ret;
|
|
}
|
|
|
|
static u64 kvm_clock_get_cycles(struct clocksource *cs)
|
|
{
|
|
return kvm_clock_read();
|
|
}
|
|
|
|
static u64 kvm_sched_clock_read(void)
|
|
{
|
|
return kvm_clock_read() - kvm_sched_clock_offset;
|
|
}
|
|
|
|
static inline void kvm_sched_clock_init(bool stable)
|
|
{
|
|
if (!stable)
|
|
clear_sched_clock_stable();
|
|
kvm_sched_clock_offset = kvm_clock_read();
|
|
paravirt_set_sched_clock(kvm_sched_clock_read);
|
|
|
|
pr_info("kvm-clock: using sched offset of %llu cycles",
|
|
kvm_sched_clock_offset);
|
|
|
|
BUILD_BUG_ON(sizeof(kvm_sched_clock_offset) >
|
|
sizeof(((struct pvclock_vcpu_time_info *)NULL)->system_time));
|
|
}
|
|
|
|
/*
|
|
* If we don't do that, there is the possibility that the guest
|
|
* will calibrate under heavy load - thus, getting a lower lpj -
|
|
* and execute the delays themselves without load. This is wrong,
|
|
* because no delay loop can finish beforehand.
|
|
* Any heuristics is subject to fail, because ultimately, a large
|
|
* poll of guests can be running and trouble each other. So we preset
|
|
* lpj here
|
|
*/
|
|
static unsigned long kvm_get_tsc_khz(void)
|
|
{
|
|
setup_force_cpu_cap(X86_FEATURE_TSC_KNOWN_FREQ);
|
|
return pvclock_tsc_khz(this_cpu_pvti());
|
|
}
|
|
|
|
static void __init kvm_get_preset_lpj(void)
|
|
{
|
|
unsigned long khz;
|
|
u64 lpj;
|
|
|
|
khz = kvm_get_tsc_khz();
|
|
|
|
lpj = ((u64)khz * 1000);
|
|
do_div(lpj, HZ);
|
|
preset_lpj = lpj;
|
|
}
|
|
|
|
bool kvm_check_and_clear_guest_paused(void)
|
|
{
|
|
struct pvclock_vsyscall_time_info *src = this_cpu_hvclock();
|
|
bool ret = false;
|
|
|
|
if (!src)
|
|
return ret;
|
|
|
|
if ((src->pvti.flags & PVCLOCK_GUEST_STOPPED) != 0) {
|
|
src->pvti.flags &= ~PVCLOCK_GUEST_STOPPED;
|
|
pvclock_touch_watchdogs();
|
|
ret = true;
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
static int kvm_cs_enable(struct clocksource *cs)
|
|
{
|
|
vclocks_set_used(VDSO_CLOCKMODE_PVCLOCK);
|
|
return 0;
|
|
}
|
|
|
|
struct clocksource kvm_clock = {
|
|
.name = "kvm-clock",
|
|
.read = kvm_clock_get_cycles,
|
|
.rating = 400,
|
|
.mask = CLOCKSOURCE_MASK(64),
|
|
.flags = CLOCK_SOURCE_IS_CONTINUOUS,
|
|
.enable = kvm_cs_enable,
|
|
};
|
|
EXPORT_SYMBOL_GPL(kvm_clock);
|
|
|
|
static void kvm_register_clock(char *txt)
|
|
{
|
|
struct pvclock_vsyscall_time_info *src = this_cpu_hvclock();
|
|
u64 pa;
|
|
|
|
if (!src)
|
|
return;
|
|
|
|
pa = slow_virt_to_phys(&src->pvti) | 0x01ULL;
|
|
wrmsrl(msr_kvm_system_time, pa);
|
|
pr_debug("kvm-clock: cpu %d, msr %llx, %s", smp_processor_id(), pa, txt);
|
|
}
|
|
|
|
static void kvm_save_sched_clock_state(void)
|
|
{
|
|
}
|
|
|
|
static void kvm_restore_sched_clock_state(void)
|
|
{
|
|
kvm_register_clock("primary cpu clock, resume");
|
|
}
|
|
|
|
#ifdef CONFIG_X86_LOCAL_APIC
|
|
static void kvm_setup_secondary_clock(void)
|
|
{
|
|
kvm_register_clock("secondary cpu clock");
|
|
}
|
|
#endif
|
|
|
|
void kvmclock_disable(void)
|
|
{
|
|
native_write_msr(msr_kvm_system_time, 0, 0);
|
|
}
|
|
|
|
static void __init kvmclock_init_mem(void)
|
|
{
|
|
unsigned long ncpus;
|
|
unsigned int order;
|
|
struct page *p;
|
|
int r;
|
|
|
|
if (HVC_BOOT_ARRAY_SIZE >= num_possible_cpus())
|
|
return;
|
|
|
|
ncpus = num_possible_cpus() - HVC_BOOT_ARRAY_SIZE;
|
|
order = get_order(ncpus * sizeof(*hvclock_mem));
|
|
|
|
p = alloc_pages(GFP_KERNEL, order);
|
|
if (!p) {
|
|
pr_warn("%s: failed to alloc %d pages", __func__, (1U << order));
|
|
return;
|
|
}
|
|
|
|
hvclock_mem = page_address(p);
|
|
|
|
/*
|
|
* hvclock is shared between the guest and the hypervisor, must
|
|
* be mapped decrypted.
|
|
*/
|
|
if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) {
|
|
r = set_memory_decrypted((unsigned long) hvclock_mem,
|
|
1UL << order);
|
|
if (r) {
|
|
__free_pages(p, order);
|
|
hvclock_mem = NULL;
|
|
pr_warn("kvmclock: set_memory_decrypted() failed. Disabling\n");
|
|
return;
|
|
}
|
|
}
|
|
|
|
memset(hvclock_mem, 0, PAGE_SIZE << order);
|
|
}
|
|
|
|
static int __init kvm_setup_vsyscall_timeinfo(void)
|
|
{
|
|
if (!kvm_para_available() || !kvmclock)
|
|
return 0;
|
|
|
|
kvmclock_init_mem();
|
|
|
|
#ifdef CONFIG_X86_64
|
|
if (per_cpu(hv_clock_per_cpu, 0) && kvmclock_vsyscall) {
|
|
u8 flags;
|
|
|
|
flags = pvclock_read_flags(&hv_clock_boot[0].pvti);
|
|
if (!(flags & PVCLOCK_TSC_STABLE_BIT))
|
|
return 0;
|
|
|
|
kvm_clock.vdso_clock_mode = VDSO_CLOCKMODE_PVCLOCK;
|
|
}
|
|
#endif
|
|
|
|
return 0;
|
|
}
|
|
early_initcall(kvm_setup_vsyscall_timeinfo);
|
|
|
|
static int kvmclock_setup_percpu(unsigned int cpu)
|
|
{
|
|
struct pvclock_vsyscall_time_info *p = per_cpu(hv_clock_per_cpu, cpu);
|
|
|
|
/*
|
|
* The per cpu area setup replicates CPU0 data to all cpu
|
|
* pointers. So carefully check. CPU0 has been set up in init
|
|
* already.
|
|
*/
|
|
if (!cpu || (p && p != per_cpu(hv_clock_per_cpu, 0)))
|
|
return 0;
|
|
|
|
/* Use the static page for the first CPUs, allocate otherwise */
|
|
if (cpu < HVC_BOOT_ARRAY_SIZE)
|
|
p = &hv_clock_boot[cpu];
|
|
else if (hvclock_mem)
|
|
p = hvclock_mem + cpu - HVC_BOOT_ARRAY_SIZE;
|
|
else
|
|
return -ENOMEM;
|
|
|
|
per_cpu(hv_clock_per_cpu, cpu) = p;
|
|
return p ? 0 : -ENOMEM;
|
|
}
|
|
|
|
void __init kvmclock_init(void)
|
|
{
|
|
u8 flags;
|
|
|
|
if (!kvm_para_available() || !kvmclock)
|
|
return;
|
|
|
|
if (kvm_para_has_feature(KVM_FEATURE_CLOCKSOURCE2)) {
|
|
msr_kvm_system_time = MSR_KVM_SYSTEM_TIME_NEW;
|
|
msr_kvm_wall_clock = MSR_KVM_WALL_CLOCK_NEW;
|
|
} else if (!kvm_para_has_feature(KVM_FEATURE_CLOCKSOURCE)) {
|
|
return;
|
|
}
|
|
|
|
if (cpuhp_setup_state(CPUHP_BP_PREPARE_DYN, "kvmclock:setup_percpu",
|
|
kvmclock_setup_percpu, NULL) < 0) {
|
|
return;
|
|
}
|
|
|
|
pr_info("kvm-clock: Using msrs %x and %x",
|
|
msr_kvm_system_time, msr_kvm_wall_clock);
|
|
|
|
this_cpu_write(hv_clock_per_cpu, &hv_clock_boot[0]);
|
|
kvm_register_clock("primary cpu clock");
|
|
pvclock_set_pvti_cpu0_va(hv_clock_boot);
|
|
|
|
if (kvm_para_has_feature(KVM_FEATURE_CLOCKSOURCE_STABLE_BIT))
|
|
pvclock_set_flags(PVCLOCK_TSC_STABLE_BIT);
|
|
|
|
flags = pvclock_read_flags(&hv_clock_boot[0].pvti);
|
|
kvm_sched_clock_init(flags & PVCLOCK_TSC_STABLE_BIT);
|
|
|
|
x86_platform.calibrate_tsc = kvm_get_tsc_khz;
|
|
x86_platform.calibrate_cpu = kvm_get_tsc_khz;
|
|
x86_platform.get_wallclock = kvm_get_wallclock;
|
|
x86_platform.set_wallclock = kvm_set_wallclock;
|
|
#ifdef CONFIG_X86_LOCAL_APIC
|
|
x86_cpuinit.early_percpu_clock_init = kvm_setup_secondary_clock;
|
|
#endif
|
|
x86_platform.save_sched_clock_state = kvm_save_sched_clock_state;
|
|
x86_platform.restore_sched_clock_state = kvm_restore_sched_clock_state;
|
|
kvm_get_preset_lpj();
|
|
|
|
/*
|
|
* X86_FEATURE_NONSTOP_TSC is TSC runs at constant rate
|
|
* with P/T states and does not stop in deep C-states.
|
|
*
|
|
* Invariant TSC exposed by host means kvmclock is not necessary:
|
|
* can use TSC as clocksource.
|
|
*
|
|
*/
|
|
if (boot_cpu_has(X86_FEATURE_CONSTANT_TSC) &&
|
|
boot_cpu_has(X86_FEATURE_NONSTOP_TSC) &&
|
|
!check_tsc_unstable())
|
|
kvm_clock.rating = 299;
|
|
|
|
clocksource_register_hz(&kvm_clock, NSEC_PER_SEC);
|
|
pv_info.name = "KVM";
|
|
}
|